File: NEWS

package info (click to toggle)
softhsm 1.3.7-2%2Bdeb8u1
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 2,688 kB
  • ctags: 1,498
  • sloc: sh: 11,139; cpp: 8,504; ansic: 1,614; makefile: 110
file content (282 lines) | stat: -rw-r--r-- 9,444 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
NEWS for SoftHSM -- History of user visible changes

SoftHSM develop

Bugfixes:
* SOFTHSM-101: softhsm-keyconv creates files with sensitive material
  in insecure way. Also applies to softhsm when using --export or
  --optimize.


SoftHSM 1.3.7 - 2014-05-28

Bugfixes:
* SOFTHSM-94: umask affecting the calling application.
* SOFTHSM-96: Check if Botan has already been initialized.


SoftHSM 1.3.6 - 2014-02-24

* SOFTHSM-51: Call umask to restrict created files.

Bugfixes:
* Fix malloc(0) warning in clang.


SoftHSM 1.3.5 - 2013-09-30

Bugfixes:
* SOFTHSM-45: Improved handling of a busy database
* SUPPORT-76: Add -Wall -Werror flags and fix the warnings.
              Fix more warnings on EPEL.


SoftHSM 1.3.4 - 2012-11-24

* SOFTHSM-28: Support RSASSA-PSS signature scheme. (Patch from
  Aleksander Trofimowicz)
* SOFTHSM-29: The default location of the token database is
  now $localstatedir/lib/softhsm/.


SoftHSM 1.3.3 - 2012-05-09

* Increased performance by adding more indexes to the database.
* Describe the usage of SO and user PIN in the README.

Bugfixes:
* Detect if a C++ compiler is missing.


SoftHSM 1.3.2 - 2012-03-07

* Update the README with information on moving the database
  between different architectures.

Bugfixes:
* Fix the destruction order of the Singleton objects.


SoftHSM 1.3.1 - 2012-01-17

* The library is now installed in $libdir/softhsm/.

Bugfixes:
* Do not give a warning about the schema version if the token
  has not been initialized yet.
* The tools now return the correct exit code.


SoftHSM 1.3.0 - 2011-08-12

* Can now read CKA_ALWAYS_AUTHENTICATE but does not use it.
* Encryption and decryption using CKM_RSA_PKCS.
* Support X.509 certificates. (Patch from Thomas Calderon)
* Updated backup instructions.
* Only a Security Officer can set CKA_TRUSTED to true.
* The softhsm tool can set the value of CKA_TRUSTED.
* Support Botan 1.10.0.
* Better signing performance with a single element cache for 
  the PK_Signer object.
* Document README.MinGW describes how to build on Windows.
  (Text and patches contributed by Jaroslav Imrich)

Bugfixes:
* API changes in Botan created a namespace collision.
* API changes in Botan's state handling.
* BigInt::to_u32bit was accidently dropped in Botan. Adding it
  as a compatibility function to SoftHSM.
* Better exception handling.
* CKF_USER_PIN_COUNT_LOW and CKF_SO_PIN_COUNT_LOW must be set 
  if an incorrect PIN has been entered at least once.
* Windows: Detect LoadLibrary.
* Windows: Set CRYPTOKI_EXPORTS.
* Windows: Load library correctly in softhsm.
* Windows: Compatibility function for getpass.
* Windows: Use _putenv and not setenv.
* Windows: Generate the DLL file.
* Windows: The softhsm tool will use the DLL file by default.
* Windows: Log to EventLog.
* Windows: Fix parsing of configuration file.
* Windows: The check program now links with a shared libgcc in order to 
  make the exceptions work.

Known issue:
* Firefox does improper setting of CKA_DERIVE attribute during PKCS#12
  import. See https://bugzilla.mozilla.org/show_bug.cgi?id=515663


SoftHSM 1.2.1 - 2011-05-03 

* Backport mutex handling from v2 for increased multithreaded 
  performance.
* Remove signature verification used for debugging purposes.
  (was enabled with ./configure --enable-sigver)
* Added an index to the attribute table in the database.
* Optimization of the database handling.


SoftHSM 1.2.0 - 2010-09-30

* Added mechanism CKM_RSA_X_509 (use Botan 1.9.7 to fix a bug
  when verifying these signatures)
* The softhsm command now have the option --module <path>
  To use a PKCS#11 library other than SoftHSM.
* The softhsm command now import all parts of the RSA key.
  CKA_EXPONENT_1, CKA_EXPONENT_2, and CKA_COEFFICIENT is not needed
  by SoftHSM but might be needed by other HSM:s.
* Ticket #163: softhsm-keyconv now support BIND format v1.3
* Write message to stderr when the config file cannot be found
* CKA_WRAP_WITH_TRUSTED was not handled correctly. But it has not
  been a problem since wrapping is not supported.
* Set CKA_KEY_GEN_MECHANISM to CK_UNAVAILABLE_INFORMATION when
  importing objects.
* C_GetInfo now returns CKR_CRYPTOKI_NOT_INITIALIZED if library
  is not initialized.
* Force clean up if the app does not do C_Finalize (using auto_ptr)
* Limit the scope of the session objects to the owner application
* softhsm --optimize will clean up leftovers (session objects)
  from applications that haven't closed down properly.
* Do not use CKF_HW, the mechanisms are not performed by a device.
* The ulMinKeySize and ulMaxKeySize are not used for the digesting
  mechanisms, but we set them to zero for applications that forget
  this.
* Used wrong buffer size for signatures. This was only a problem
  for keys where (key size % 8 == 1), e.g. 1025 bit keys. 
* C_Login now returns CKR_USER_ANOTHER_ALREADY_LOGGED_IN instead of
  CKR_USER_TOO_MANY_TYPES


SoftHSM 1.1.4 - 2010-04-06

* Respect --disable-64bit
* Respect $DESTDIR for config files
* The binaries can now show the version number
* softhsm-keyconv could not handle --ttl properly
* Link softhsm static with libsofthsm
* Build libsofthsm.so without version number
* libsofthsm.so is now a loadable module


SoftHSM 1.1.3 - 2010-01-25

* Only check for the SQLite3 library. The binary is not needed.
* Switch to PKCS#11 header file from the Scute project.
* KNOWN BUG: A bug in Botan made some of the checks to fail on Debian
  unstable. The bug may appear on other platforms.
  Please upgrade to Botan 1.8.9 when it is available.


SoftHSM 1.1.2 - 2009-12-21

* Documentation on how to do backup.
* Limiting the number of concurrent sessions to 256, because SQLite has a
  limit on the number of database connections.
* Install a sample of the configuration file.
* Manual pages are now available for softhsm, softhsm-keyconv, and
  softhsm.conf
* Bugfix: --enable-64bit configure option did not work correctly.
* KNOWN BUG: A version of Botan available in some OS has a problem with
             the entropy. This causes SoftHSM to freeze in some operations.
             Please upgrade to the Botan 1.8.5 or greater.


SoftHSM 1.1.1 - 2009-12-04

* Bugfix: Signing could not be done when another application had a lock
  on the database.
* Bugfix: Check if a session were able to create a connection to the database.
* KNOWN BUG: A version of Botan available in some OS has a problem with 
             the entropy. This causes SoftHSM to freeze in some operations.
             Please upgrade to the Botan 1.8.5 or greater.


SoftHSM 1.1.0 - 2009-11-02

* The tool softhsm-keyconv can convert keys between BIND key file format
  and PKCS#8 file format. So it can be imported to SoftHSM.
  It can also convert back to BIND format.
* C_FindObjectsInit is now up to 80 % faster.
* KNOWN BUG: A version of Botan available in some OS has a problem with 
             the entropy. This causes SoftHSM to freeze in some operations.
             Please upgrade to the Botan 1.8.5 or greater.


SoftHSM 1.0.0 - 2009-09-30

* Using /usr/local, /etc, and /var as default
* Improved the performance of creating keys
* Log error message if database cannot be opened
* KNOWN BUG: A version of Botan available in some OS has a problem with 
             the entropy. This causes SoftHSM to freeze in some operations.
             Please upgrade to the Botan 1.8.5 or greater.


SoftHSM 1.0.0-RC3 - 2009-08-26

* Vacuum the empty space in the database when initializing it
* Minor speed improvment when searching for objects
* Fixed build problem with GCC >= 4.3
* Fixed some linking problem
* KNOWN BUG: A version of Botan available in some OS has a problem with 
             the entropy. This causes SoftHSM to freeze in some operations.
             Please upgrade to the Botan 1.8.5 or greater.


SoftHSM 1.0.0-RC2 - 2009-07-08

* Added a check for the Botan library in config script
* SoftHSM will not add a default label/ID to a key pair when the
  key pair is generated, as were the case in the previous
  versions.
* Improved database handling
* New database schema. Is not compliant with previous versions.
* Comments can be added to the config file by using #
* The default location of the config file is $sysconfdir/softhsm.conf
* Simplified the configure options
* The softhsm tool initialize the tokens by using the library.
* Import keys via PKCS#11 and the softhsm tool.
* Export keys via the softhsm tool


SoftHSM 1.0.0-RC1 - 2009-03-10

* Versioning moved to the configure script
* This is release candidate 1


SoftHSM 0.5 - 2009-02-20

* Admin tool for creating tokens.
* Config file in /etc/softhsm.conf
* All session objects are removed when the session creating
  them are closed.
* User credentials as specified in PKCS#11


SoftHSM 0.4 - 2009-02-10

* Only one library is compiled (libsofthsm.so). The log level
  is defined by using the flag --with-loglevel


SoftHSM 0.3 - 2009-02-03

* A better mutex handling. Each PKCS#11 function call is treated 
  as atomic functions. The mutex handling is activated when given 
  correct parameters to the init function. 


SoftHSM 0.2 - 2009-01-23

* Two libraries are compiled. One normal (libsofthsm.so) and
  one for debugging (libsofthsm.d.so). The debug info is saved
  in the syslog.


SoftHSM 0.1 - 2009-01-21

* Starting point of the NEWS file.
* Have an interface to the user in accordance with PKCS#11.
* This file will be properly maintained when we start releasing 
  the source code.